svn commit: trunk/uClibc/libc/stdlib/malloc-simple
vapier at uclibc.org
vapier at uclibc.org
Wed Apr 11 22:52:22 UTC 2007
Author: vapier
Date: 2007-04-11 15:52:20 -0700 (Wed, 11 Apr 2007)
New Revision: 18406
Log:
POSIX says you can use realloc() to shrink buffers ... make sure we dont trigger a buffer overflow in that case
Modified:
trunk/uClibc/libc/stdlib/malloc-simple/alloc.c
Changeset:
Modified: trunk/uClibc/libc/stdlib/malloc-simple/alloc.c
===================================================================
--- trunk/uClibc/libc/stdlib/malloc-simple/alloc.c 2007-04-11 20:43:31 UTC (rev 18405)
+++ trunk/uClibc/libc/stdlib/malloc-simple/alloc.c 2007-04-11 22:52:20 UTC (rev 18406)
@@ -91,7 +91,8 @@
newptr = malloc(size);
if (newptr) {
- memcpy(newptr, ptr, *((size_t *) (ptr - sizeof(size_t))));
+ size_t old_size = *((size_t *) (ptr - sizeof(size_t)));
+ memcpy(newptr, ptr, (old_size < size ? old_size : size));
free(ptr);
}
return newptr;
More information about the uClibc-cvs
mailing list